Cybersecurity Risk Analyst

United States

Auto‑apply with AI Apply

Not SpecifiedCompensation

Junior (1 to 2 years)Experience Level

Full TimeJob Type

UnknownVisa

Healthcare, Digital Health, Information SecurityIndustries

Requirements

Candidates should possess 3+ years of professional experience in information technology and 1+ years in an IT security role with oversight of GRC processes, along with strong, practical experience working in a HIPAA environment. Hands-on experience with the implementation and management of security frameworks such as ISO 27001, NIST, or CSF is required, as well as proficiency with ticketing systems such as JIRA or ServiceNow and familiarity with conducting Business Impact Assessments.

Responsibilities

The Cybersecurity Risk Analyst will perform IT risk assessments and audits, articulating technical risks in terms of business impact, identify critical risks and issues, develop contingency plans, and escalate unresolved matters to senior management. They will manage risk register items by assigning ownership, tracking progress, and driving remediation efforts, manage the lifecycle of all risk acceptances and policy exceptions, facilitate planning, execution, and reporting of risk assessments and audits to support compliance with security frameworks (CIS, HIPAA, NIST, ISO), assist in the day-to-day management of the IT GRC program, identify opportunities for improvement in existing processes and controls, build and manage GRC frameworks and processes, develop vendor assessment standards and processes for third-party technology vendors, participate in cybersecurity incident response activities, assess the impact of incidents and initiate appropriate remediation measures, conduct internal and external audits and assessments to verify adherence to security controls, and generate regular reports on the organization’s risk posture and security status.

Skills

IT risk assessments

Risk management

GRC frameworks

Security frameworks (CIS, HIPAA, NIST, ISO)

Vendor assessment

Incident response

Policy management

Third-party/vendor risk management

PatientPoint

Delivers targeted health information solutions

About PatientPoint

PatientPoint provides targeted health information to patients and healthcare providers at critical points in the care journey, focusing on patient engagement and education. Its engagement platform delivers relevant health information through various touchpoints, such as waiting rooms and remote monitoring, ensuring patients receive timely information that can positively influence their health behaviors. The company differentiates itself by connecting healthcare providers with pharmaceutical and health brands through point-of-care marketing, while also offering solutions for improving online presence and reputation. PatientPoint's goal is to enhance patient experiences and health outcomes through personalized engagement solutions.

Cincinnati, OhioHeadquarters

1987Year Founded

$136.3MTotal Funding

LATE_VCCompany Stage

Biotechnology, HealthcareIndustries

501-1,000Employees

Benefits

Unlimited Paid Time Off

Hybrid Work Options

Mental Health Support

401(k) Retirement Plan

Risks

Increased competition from companies like Rendia may impact market share.

New president's strategic shifts could disrupt current business operations.

Challenges in integrating online healthcare communities may lead to inefficiencies.

Differentiation

PatientPoint customizes content for unique patient needs in healthcare settings.

Recognized for excellence in consumer-facing health information for 12 consecutive years.

Integrates health education solutions into sports environments, enhancing player health and performance.

Upsides

Growing demand for personalized healthcare solutions boosts patient engagement platforms.

AI integration enhances personalized content delivery and patient outcomes.

Partnerships with digital health communities expand patient engagement opportunities.

Land your dream remote job 3x faster with AI

Try Jobo Free